New Year Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Achieve Success in the Isaca CGEIT Exam: A Detailed Certified in the Governance of Enterprise IT Exam Guide

Questions 91

The responsibility for the development of a business continuity plan (BCP) is BEST assigned to the:

Options:
A.

business risk manager.

B.

business owner.

C.

chief executive officer (CEO).

D.

IT systems owner.

Isaca CGEIT Premium Access
Questions 92

An enterprise incurred penalties for noncompliance with privacy regulations. Which of the following is MOST important to ensure appropriate ownership of access controls to address this deficiency?

Options:
A.

Granting access to information based on information architecture

B.

Engaging an audit of logical access controls and related security policies

C.

Implementing multi-factor authentication controls

D.

Authenticating access to information assets based on roles or business rules

Questions 93

Which of the following is the PRIMARY responsibility of a data steward?

Options:
A.

Ensuring the appropriate users have access to the right data

B.

Developing policies for data governance

C.

Reporting data analysis to the board

D.

Classifying and labeling organizational data assets

Questions 94

Supply chain management has established a supplier policy requiring multiple technology suppliers. What is the BEST way to ensure the success of this policy?

Options:
A.

Identity and select suppliers based on cost.

B.

Align the vendor selection process with the security policy.

C.

Implement a master service agreement.

D.

Align enterprise architecture (EA) and procurement strategies.

Questions 95

Which of the following would be MOST useful for prioritizing IT improvement initiatives to achieve desired business outcomes?

Options:
A.

Budget variance analysis

B.

Enterprise architecture (EA)

C.

IT skills matrix

D.

Portfolio management

Questions 96

Which of the following is the BEST way to maximize the value of an enterprise’s information asset base?

Options:
A.

Seek additional opportunities to leverage existing information assets.

B.

Facilitate widespread user access to all information assets

C.

Regularly purge information assets to minimize maintenance costs

D.

Implement an automated information management platform

Questions 97

An enterprise has identified a number of plausible risk scenarios that could result in economic loss associated with major IT investments. Which of the following is the BEST method to assess the risk?

Options:
A.

Cost-benefit analysis

B.

Qualitative analysis

C.

Business impact analysis (BIA)

D.

Quantitative analysis

Questions 98

Which of the following is the BEST method to confirm whether a pilot project was successful?

Options:
A.

Determine whether the pilot aligns with the as-is enterprise architecture (EA).

B.

Evaluate whether the pilot project achieved planned schedule and cost.

C.

Assess the results of the pilot project against the expected performance outcomes.

D.

Review the metrics recorded in the IT balanced scorecard.

Questions 99

The CIO of a global technology company is considering introducing a bring your own device (BYOD) program. What should the CIO do FIRST?

Options:
A.

Ensure the infrastructure can meet BYOD requirements.

B.

Establish a business case.

C.

Define a clear and inclusive BYOD policy.

D.

Focus on securing data and access to data.

Questions 100

A newly appointed CIO has issued a new IT strategic plan. Which of the following is the MOST effective way for the CIO to ensure the IT management team is held accountable for the delivery of the plan?

Options:
A.

Update the IT balanced scorecard with key objectives.

B.

Enforce disciplinary action for managers if the plan is not delivered.

C.

Revise the managers' performance goals to include key objectives.

D.

Provide management training on IT Strategic Objectives

Questions 101

An IT governance committee is defining a risk management policy for a portfolio of IT-enabled investments Which of the following should be the PRIMARY consideration when developing the policy?

Options:
A.

Risk management framework

B.

Possible investment failures

C.

Value obtained with minimum risk

D.

Risk appetite of the enterprise

Questions 102

An organization is evaluating vendors to provide mobile device management (MDM) services. Which of the following is a KEY governance consideration for the IT steering committee?

Options:
A.

Service level targets align with business requirements.

B.

Employee-owned devices will be covered by the service.

C.

The MDM services are delivered via a cloud.

D.

Technology-owned devices will be covered by the service

Questions 103

An IT steering committee has received a report that supports the economic and service benefits of moving infrastructure hosting to an external cloud provider. Business leadership is very concerned about the security risk and potential loss of customer data. What is the BEST way for the committee to address these concerns?

Options:
A.

Mandate there will be no customer data at rest stored on cloud servers used by the vendor.

B.

Include compliance with the enterprise's data governance policy in the contract.

C.

Ensure reporting and penalty clauses are included in the contract for any loss of data.

D.

Require an encrypted connection between the cloud and enterprise servers.

Questions 104

An enterprise is planning to migrate its IT infrastructure to a cloud-based solution but does not have experience with this

technology Which of the following should be done FIRST to reduce the risk of IT service disruptions when using this new technology?

Options:
A.

Implement key performance indicators (KPIs).

B.

Reflect the change in the enterprise architecture (EA).

C.

Evaluate the sourcing options.

D.

Engage an experienced IT consultant to perform the migration.

Questions 105

Which of the following BEST enables an enterprise to determine how business expectations should be addressed in a governance program?

Options:
A.

Business impact analysis (BIA)

B.

Cost-benefit analysis

C.

Enterprise risk analysis

D.

Stakeholder analysis

Isaca Related Exams

How to pass Isaca CISA - Certified Information Systems Auditor Exam
How to pass Isaca CISM - Certified Information Security Manager Exam
How to pass Isaca CRISC - Certified in Risk and Information Systems Control Exam
How to pass Isaca COBIT5 - COBIT 5 Foundation Exam Exam
How to pass Isaca CDPSE - Certified Data Privacy Solutions Engineer Exam
How to pass Isaca COBIT-2019 - COBIT 2019 Foundation Exam
How to pass Isaca NIST-COBIT-2019 - ISACA Implementing the NIST Cybersecurity Framework using COBIT 2019 Exam

Isaca Free Exams

Isaca Free Exams
Examstrack offers comprehensive free resources and practice tests for Isaca exams.